package com.woniuxy.shiro;

import com.woniuxy.entity.RbacManager;
import com.woniuxy.entity.RbacPerm;
import com.woniuxy.entity.RbacRole;
import com.woniuxy.service.ManagerLoginService;
import com.woniuxy.utils.JWTUtil;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.Set;

/**
 * @Author: ideaAdmin
 * TODO: Class
 * TODO: 自定义域
 * Date: 2022/2/23:17:41
 * Description:
 */
@Component
public class MyRealm extends AuthorizingRealm {
    @Autowired
    ManagerLoginService managerLoginService;
    @Autowired
    RedisTemplate redisTemplate;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        String token = principals.getPrimaryPrincipal()+ "";
        String username = JWTUtil.getUsername(token);
        //根据用户获取它的所有角色
        Set<RbacRole> managerRoles = managerLoginService.findRoleByAccount(username);
        Set<String> roles = new HashSet<>();
        for (RbacRole rbacRole:managerRoles){
            roles.add(rbacRole.getName());
        }

        //根据用户获得它的所有权限
        Set<RbacPerm> managerPerm = managerLoginService.findPermByAccount(username);

        Set<String> perms = new HashSet<>();
        for(RbacPerm rbacPerm:managerPerm){
            perms.add(rbacPerm.getName());
        }

        //把角色和权限set到AuthorizationInfo(授权信息)中 并返回 使用注解来判断
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();
        simpleAuthorizationInfo.setRoles(roles);
        simpleAuthorizationInfo.setStringPermissions(perms);
        return simpleAuthorizationInfo;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //转为自定义JWT
        MyJsonWebToken jsonWebToken = (MyJsonWebToken) authenticationToken;

        String token = jsonWebToken.getToken();

        //使用token获得存放的对象
        RbacManager rbacManager = (RbacManager) redisTemplate.opsForValue().get(token);


        if(rbacManager != null){
            return new SimpleAuthenticationInfo(token, token, "myRealm");
        }else {
            throw new AuthenticationException("token失效了");
        }
//        String username = JWTUtil.getUsername(token);
//        //使用账户查找密码 获得盐 然后进行校验
//        String password = managerLoginService.findPasswordByAccount(username);

//        //使用校验方法验证
//        if (JWTUtil.verity(token, username, password)) {
//            return new SimpleAuthenticationInfo(token, token, "myRealm");
//        } else {
//            throw new AuthenticationException("token失效了");
//        }

    }
}
